<?php

use App\Http\Controllers\AuthController;
use App\Http\Controllers\EventController;
use Illuminate\Support\Facades\Route;

// Routes publiques
Route::get('/events', [EventController::class, 'index']);
Route::get('/events/{slug}', [EventController::class, 'show']);
Route::get('/events/{slug}/plans', [EventController::class, 'plans']);
Route::get('/events/{slug}/settings', [EventController::class, 'settings']);

// Routes d'inscription publique (sans authentification)
Route::prefix('public')->group(function () {
    // Rate limiting configurable depuis config/registrations.php
    $rateLimit = explode(',', config('registrations.rate_limit', '20,1'));
    Route::middleware(['throttle:' . $rateLimit[0] . ',' . $rateLimit[1]])->group(function () {
        Route::post('/events/{event}/registrations', [\App\Http\Controllers\PublicRegistrationController::class, 'store'])
            ->name('public.registrations.store');
        
        // Vérification email (si activée)
        Route::get('/registrations/verify/{token}', [\App\Http\Controllers\PublicRegistrationVerificationController::class, 'verify'])
            ->name('public.registrations.verify');
        
        // Renvoi d'email de vérification
        Route::post('/registrations/resend-verification', [\App\Http\Controllers\PublicRegistrationVerificationController::class, 'resend'])
            ->name('public.registrations.resend');
        
        // Recommandations publiques
        Route::post('/recommendations', [\App\Http\Controllers\PublicRecommendationController::class, 'store'])
            ->name('public.recommendations.store');

        // Déclaration de don publique (Soutenir)
        Route::post('/donations', [\App\Http\Controllers\PublicDonationController::class, 'store'])
            ->name('public.donations.store');
        // Aperçu / téléchargement lettre d'invitation PDF (avant soumission)
        Route::post('/recommendations/preview-invitation', [\App\Http\Controllers\PublicRecommendationController::class, 'previewInvitation'])
            ->name('public.recommendations.preview-invitation');
    });
});

// Routes d'authentification
Route::prefix('auth')->group(function () {
    Route::post('/register', [AuthController::class, 'register']);
    Route::post('/login', [AuthController::class, 'login']);
    Route::get('/activate/check', [AuthController::class, 'activateCheck']);
    Route::post('/activate', [AuthController::class, 'activate']);

    Route::middleware('auth:sanctum')->group(function () {
        Route::post('/logout', [AuthController::class, 'logout']);
        Route::get('/me', [AuthController::class, 'me']);
    });
});

// Compte utilisateur connecté (self-service)
Route::middleware('auth:sanctum')->prefix('account')->group(function () {
    Route::post('/change-password', [\App\Http\Controllers\AccountController::class, 'changePassword'])
        ->name('account.change-password');
});

// Routes d'inscription (authentifiées)
Route::middleware('auth:sanctum')->group(function () {
    Route::get('/registrations/me', [\App\Http\Controllers\RegistrationController::class, 'me']);
    Route::post('/registrations', [\App\Http\Controllers\RegistrationController::class, 'store']);
    Route::put('/registrations/{registration}', [\App\Http\Controllers\RegistrationController::class, 'update']);
    Route::post('/registrations/{registration}/select-payment', [\App\Http\Controllers\RegistrationController::class, 'selectPayment']);
    Route::post('/registrations/{registration}/submit', [\App\Http\Controllers\RegistrationController::class, 'submit']);
    Route::post('/registrations/{registration}/payments', [\App\Http\Controllers\RegistrationPaymentController::class, 'store']);
});

// Dons (participant ou admin selon permission)
Route::middleware('auth:sanctum')->group(function () {
    Route::post('/donations', [\App\Http\Controllers\DonationController::class, 'store']);
});

// Routes de contributions (authentifiées)
Route::middleware('auth:sanctum')->group(function () {
    Route::get('/contributions/me', [\App\Http\Controllers\ContributionController::class, 'me']);
    Route::post('/contributions', [\App\Http\Controllers\ContributionController::class, 'store']);
    Route::put('/contributions/{contribution}', [\App\Http\Controllers\ContributionController::class, 'update']);
    Route::post('/contributions/{contribution}/submit', [\App\Http\Controllers\ContributionController::class, 'submit']);
});

// Routes batches (delegate_lead)
Route::middleware('auth:sanctum')->group(function () {
    Route::get('/batches/me', [\App\Http\Controllers\BatchController::class, 'me']);
    Route::post('/batches', [\App\Http\Controllers\BatchController::class, 'store']);
    Route::get('/batches/{batch}', [\App\Http\Controllers\BatchController::class, 'show']);
    Route::post('/batches/{batch}/add-registration', [\App\Http\Controllers\BatchController::class, 'addRegistration']);
    Route::post('/batches/{batch}/add-contribution', [\App\Http\Controllers\BatchController::class, 'addContribution']);
    Route::post('/batches/{batch}/submit', [\App\Http\Controllers\BatchController::class, 'submit']);
});

// Routes backoffice (treasurer/admin)
Route::middleware('auth:sanctum')->prefix('treasury')->group(function () {
    Route::get('/contributions', [\App\Http\Controllers\TreasuryController::class, 'contributions']);
    Route::post('/contributions/{contribution}/confirm', [\App\Http\Controllers\TreasuryController::class, 'confirm']);
    Route::get('/batches', [\App\Http\Controllers\TreasuryController::class, 'batches']);
    Route::post('/batches/{batch}/mark-paid', [\App\Http\Controllers\TreasuryController::class, 'markBatchPaid']);
});

// Module Finance V1 / V1.1 (commission finance / admin)
Route::middleware('auth:sanctum')->prefix('finance')->group(function () {
    Route::get('/dashboard', [\App\Http\Controllers\FinanceController::class, 'dashboard']);
    Route::get('/accounts', [\App\Http\Controllers\FinanceController::class, 'indexAccounts']);
    Route::post('/accounts', [\App\Http\Controllers\FinanceController::class, 'storeAccount']);
    Route::patch('/accounts/{account}', [\App\Http\Controllers\FinanceController::class, 'updateAccount']);
    Route::delete('/accounts/{account}', [\App\Http\Controllers\FinanceController::class, 'destroyAccount']);
    Route::get('/ledger', [\App\Http\Controllers\FinanceController::class, 'ledger']);
    Route::get('/expenses', [\App\Http\Controllers\FinanceController::class, 'indexExpenses']);
    Route::post('/expenses', [\App\Http\Controllers\FinanceController::class, 'storeExpense']);
    Route::post('/expenses/{expense}/submit', [\App\Http\Controllers\FinanceController::class, 'submitExpense']);
    Route::post('/expenses/{expense}/approve', [\App\Http\Controllers\FinanceController::class, 'approveExpense']);
    Route::post('/expenses/{expense}/reject', [\App\Http\Controllers\FinanceController::class, 'rejectExpense']);
    Route::post('/expenses/{expense}/pay', [\App\Http\Controllers\FinanceController::class, 'payExpense']);
    Route::get('/budgets', [\App\Http\Controllers\FinanceController::class, 'indexBudgets']);
    Route::post('/budgets', [\App\Http\Controllers\FinanceController::class, 'storeBudgets']);
    Route::post('/events/{event}/close', [\App\Http\Controllers\FinanceController::class, 'closeEvent']);
    Route::post('/registrations/{registration}/payments', [\App\Http\Controllers\FinanceController::class, 'storePaymentForRegistration']);
    Route::get('/payments/{payment}/proof', [\App\Http\Controllers\FinanceController::class, 'downloadPaymentProof']);
    Route::post('/payments/{payment}/confirm', [\App\Http\Controllers\FinanceController::class, 'confirmPayment']);
    Route::post('/payments/{payment}/reject', [\App\Http\Controllers\FinanceController::class, 'rejectPayment']);
    Route::post('/payments/{payment}/receipt', [\App\Http\Controllers\FinanceController::class, 'issuePaymentReceipt']);
    Route::post('/payments/{payment}/receipt/send-email', [\App\Http\Controllers\FinanceController::class, 'sendPaymentReceiptEmail']);
    Route::post('/donations/{donation}/confirm', [\App\Http\Controllers\FinanceController::class, 'confirmDonation']);
    Route::post('/donations/{donation}/reject', [\App\Http\Controllers\FinanceController::class, 'rejectDonation']);
    Route::post('/donations/{donation}/receipt', [\App\Http\Controllers\FinanceController::class, 'issueDonationReceipt']);
    Route::post('/donations/{donation}/receipt/send-email', [\App\Http\Controllers\FinanceController::class, 'sendDonationReceiptEmail']);
});
Route::middleware('auth:sanctum')->group(function () {
    Route::get('/receipts/{receipt}/download', [\App\Http\Controllers\FinanceController::class, 'downloadReceipt']);
});

// Routes exports (admin/treasurer)
Route::middleware('auth:sanctum')->prefix('admin/exports')->group(function () {
    Route::get('/participants', [\App\Http\Controllers\Admin\ExportController::class, 'participants']);
    Route::get('/contributions', [\App\Http\Controllers\Admin\ExportController::class, 'contributions']);
    Route::get('/batches', [\App\Http\Controllers\Admin\ExportController::class, 'batches']);
});

// Routes admin pour inscriptions (admin/treasurer)
// Policy enforcement dans le controller (pas de middleware role:admin en dur)
Route::middleware('auth:sanctum')->prefix('admin/registrations')->group(function () {
    Route::get('/', [\App\Http\Controllers\Admin\RegistrationController::class, 'index'])
        ->name('admin.registrations.index');
    Route::get('/stats', [\App\Http\Controllers\Admin\RegistrationController::class, 'stats'])
        ->name('admin.registrations.stats');
    Route::get('/{registration}', [\App\Http\Controllers\Admin\RegistrationController::class, 'show'])
        ->name('admin.registrations.show');
    Route::patch('/{registration}/status', [\App\Http\Controllers\Admin\RegistrationController::class, 'updateStatus'])
        ->name('admin.registrations.updateStatus');
    Route::put('/{registration}', [\App\Http\Controllers\Admin\RegistrationController::class, 'update'])
        ->name('admin.registrations.update');
    Route::delete('/{registration}', [\App\Http\Controllers\Admin\RegistrationController::class, 'destroy'])
        ->name('admin.registrations.destroy');
});

// Routes admin pour recommandations (admin/treasurer)
Route::middleware('auth:sanctum')->prefix('admin/recommendations')->group(function () {
    Route::get('/', [\App\Http\Controllers\Admin\RecommendationController::class, 'index'])
        ->name('admin.recommendations.index');
    Route::get('/{recommendation}', [\App\Http\Controllers\Admin\RecommendationController::class, 'show'])
        ->name('admin.recommendations.show');
    Route::patch('/{recommendation}/status', [\App\Http\Controllers\Admin\RecommendationController::class, 'updateStatus'])
        ->name('admin.recommendations.updateStatus');
    Route::post('/{recommendation}/send-email', [\App\Http\Controllers\Admin\RecommendationController::class, 'sendEmail'])
        ->name('admin.recommendations.sendEmail');
});

// Routes admin pour utilisateurs (Super Admin uniquement, policy)
Route::middleware('auth:sanctum')->prefix('admin/users')->group(function () {
    Route::get('/', [\App\Http\Controllers\Admin\UserController::class, 'index'])
        ->name('admin.users.index');
    Route::get('/{user}', [\App\Http\Controllers\Admin\UserController::class, 'show'])
        ->name('admin.users.show');
    Route::post('/', [\App\Http\Controllers\Admin\UserController::class, 'store'])
        ->name('admin.users.store');
    Route::put('/{user}', [\App\Http\Controllers\Admin\UserController::class, 'update'])
        ->name('admin.users.update');
    Route::delete('/{user}', [\App\Http\Controllers\Admin\UserController::class, 'destroy'])
        ->name('admin.users.destroy');
    Route::post('/{user}/send-activation', [\App\Http\Controllers\Admin\UserController::class, 'sendActivation'])
        ->middleware('throttle:3,1')
        ->name('admin.users.send-activation');
});